<?php

function LoginIn($user, $password) {

    $mysqli = new mysqli("localhost", "root", null, "napfa_system");
    
    $stmt = $mysqli->prepare("Select userName,userRoles, password from user where userName=? and password=?");

    $stmt->bind_param("ss", $user, $password);

    $stmt->execute();

    $stmt->store_result();


    if ($stmt->num_rows() > 0) {
        $result = $stmt->bind_result($iuser, $role, $ipass);
    } else {
        echo "<script>alert('You have enter a wrong username or password')</script>";
    }
    while ($stmt->fetch()) {
        $_SESSION['userid'] = $iuser;
        $_SESSION['role'] = $role;
    }
    $stmt->close();
    $mysqli->close();
}

function AddNewLecturer($name, $nric, $staffId, $course, $gender, $email, $role, $pass) {
    
    $mysqli = new mysqli("localhost", "root", null, "napfa_system");
    
    $stmt = $mysqli->prepare("INSERT into lecturer (name, nric, staffId, course, gender, email, role) 
                            VALUES (?,?,?,?,?,?,?)");

    $stmt->bind_param("sssssss", $name, $nric, $staffId, $course, $gender, $email, $role);

    $result = $stmt->execute();
    
    $stmt2 = $mysqli->prepare("INSERT into user (userName, userRoles, password) VALUES (?,?,?)");

    $stmt2->bind_param("sss", $staffId, $role, $pass);

    $result2 = $stmt2->execute();
    
    if ($result && $result2) {
        echo "<script>alert('You have successfully add a new lecturer')</script>";
    }
    else{
        echo "<script>alert('Not inserted')</script>";
    }
    
    $stmt->close();

    $mysqli->close();
}
function rand_string( $length ) {
    
	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";	

	$size = strlen( $chars );
	for( $i = 0; $i < $length; $i++ ) {
		$str .= $chars[ rand( 0, $size - 1 ) ];
	}

	return $str;
}
?>
